New browser hijacker/click fraud malware threatens Windows users

In its latest Security Intelligence Report, Microsoft has noted that malware designed to make money for the attacker via click fraud, performing Bitcoin mining, and redirecting search results, has been plentiful in the last quarter of 2014.

Cyber crooks seem to love that type of malware, as if often lays undetected on the victims’ computer, and makes money for them steadily and easily – they don’t have to sell stolen data on underground forums, or risk being tied to direct extortion such as with ransomware.

Now, there are long-standing malware families of this kind that have proven to be extremely hardy and have been around for years, but new ones pop up all the time.

Take for example the Miuref, a piece of malware that hijacks browsers and search results. First detected in December 2013, the malware is spread via a number of vectors: spam emails, social engineering approaches trying to convince users to run its installer (the commercially available and legitimate Nullsoft installer), and via dropper Trojans.